HomePentest-Tools.com Logo

Burp Suite < 1.7.34 Collaborator server certificate MITM Vulnerability - Mac OS X CVE-2018-10377

Severity
CVSSv3 Score
5.9
Vulnerability description

Burp Suite Community Edition is prone to a man-in-the-middle (MITM) vulnerability.

Risk description

The flaw exists due to improper validating of Collaborator server TLS certificate. It fails to check if the certificate CN matches the hostname, making it vulnerable to an active MITM attack. Successful exploitation will allow man-in-the-middle attackers to obtain interaction data.

Recommendation

Update to version 1.7.34 or later.

Codename
Not available
Detectable with
Network Scanner
Scan engine
OpenVAS
Exploitable with Sniper
No
CVE Published
Jun 17, 2018
Detection added at
Software Type
Not available
Vendor
Not available
Product
Not available